[strongSwan] Certificates in cacerts directory
danielml+mailinglists.strongswan at sent.com
Fri Mar 5 16:58:50 CET 2010
ABULIUS, MUGUR (MUGUR) wrote:
>> If rightca is specified then we only request certificates issued by rightca.
>> Otherwise we send certificate requests for all CAs contained in /etc/ipsec.d/cacerts/
> If "rightca=" is specified, then it is required that a certificate matching the specified
> DN to be present locally in "/etc/ipsec.d/cacerts/" ?
I guess yes. I mean strongSwan has to read the certificate from somewhere.
You could also create a ca section as described at
if you want to store the certificate in a non-default location.
More information about the Users